JP4750348B2 - Managing keys for encrypted media - Google Patents
- Publication number: JP4750348B2 (application JP2002566946A)
- Authority: JP (Japan)
- Prior art keywords: media, key, server, customer device, encrypted
- Legal status: Expired - Lifetime (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/083: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- G06F21/10: Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
- H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
- H04L63/062: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
- H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
- H04N21/2541: Rights Management
- H04N21/63345: Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
- H04N21/63775: Control signals issued by the client directed to the server or network components directed to server for uploading keys, e.g. for a client to communicate its public key to the server
- H04N21/835: Generation of protective data, e.g. certificates
- H04N7/1675: Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
- H04L2209/60: Digital content management, e.g. content distribution
- H04L2463/101: Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
Description
The present invention relates to the secure distribution of digitised audio-visual works using an encryption key management system.
Traditionally, recorded audio-visual works are delivered directly to consumers on audio or video CDs, or by broadcast or cable television. An Internet of adequate bandwidth offers a viable alternative for the delivery of digital audio-visual works. In particular, digital delivery over the Internet offers a solution to the problems that have so far held back the development of video-on-demand services.
Techniques for digitising and playing back audio and video works are well known. When a digitised work is distributed electronically over a data network such as the Internet, the file size (even when compressed) and the network bandwidth mean that streaming technology must be used if consumers are to begin listening or viewing within a reasonable time when downloading the work. One example of streaming software is RealServer and RealPlayer from RealNetworks.
One problem with making digital audio-visual works available on the Internet is that pirated copies are easily made and circulated, depriving producers and copyright holders of revenue. There is a need to ensure that an audio-visual work can be played only by consumers who have paid for it.
Cryptographic systems have been proposed to control unauthorised use of audio-visual works distributed over the Internet, but their management of the keys needed to decrypt the data is inconvenient, insufficient or inappropriate.
Accordingly, it is an object of the present invention to provide a method for securely distributing digital audio-visual works over a data network.
Accordingly, the present invention in one aspect resides in a method for securely distributing digital audio-visual works ("media") to consumers over a data network, the method comprising:
encrypting the media using a different encryption key ("media key") for each work;
storing the encrypted media on one or more first servers;
storing the media keys on a second server;
making one or more retail servers available, from which a consumer can acquire the right to receive the media key for a desired media work in exchange for accepting conditions set by the retailer;
the consumer requesting, from a customer device connected to the network, at least the media key for the desired media work from a selected retail server;
verifying at the selected retail server that the consumer meets the retailer's conditions;
if so, the retail server either sending the request to the second server or supplying the customer device with data enabling it to contact the second server;
at the second server, verifying the validity of satisfying the request from the retail server or the customer device and, if it is valid, encrypting the relevant media key and downloading the encrypted media key to either the retail server or the customer device;
where the retail server receives the encrypted media key from the second server, the retail server downloading the encrypted media key to the customer device;
at the customer device, decrypting the received media key and storing the decrypted media key in memory;
at the customer device, generating a request to an appropriate first server to supply the desired media work;
downloading the desired encrypted media work from the first server to the customer device; and
at the customer device, retrieving the media key from the memory and using it to decrypt the media work into a condition in which it can be played using appropriate playback software.
The idea of the present invention can also be applied to the secure distribution of other digital products over the Internet. Accordingly, the invention in a further aspect resides in a method for securely distributing digital products to consumers over a data network, the method comprising:
encrypting the products using a different encryption key ("product key") for each product;
storing the encrypted products on a first server;
storing the product keys on a second server;
creating a steering file corresponding to each product and its corresponding key, the steering file containing information identifying the media work and the respective locations of the product and the product key;
making the steering file corresponding to each product the consumer purchases available on a third server;
the steering file, when executed on a customer computing device that is connected to the network and accessible to the consumer, requesting from the second server the key for the product identified in the steering file;
at the second server, encrypting the relevant product key under a key unique to the consumer and downloading the encrypted product key to the customer device;
at the customer device, decrypting the product key and storing the decrypted product key in memory;
generating a request from the customer device to the first server to deliver the product identified in the steering file;
downloading the encrypted product from the first server to the customer device; and
retrieving the product key from the memory and using it to decrypt the product into a ready-to-use condition.
Preferably, the media key downloaded to the customer device is encrypted using a public-key cryptosystem; this is facilitated by the customer device uploading the consumer's public key to the second server.
The present invention is particularly, though not exclusively, concerned with the secure online delivery of content such as audio-visual works by streaming media. The content is encrypted, and a key management system or rights management system is established so that only authorised users can decrypt and play the content. It is an important part of the invention that the encrypted content is made available separately from the encryption keys or access rights, and that those access rights or keys are purchased by consumers from an entity that holds neither the media nor the keys. Moreover, security is greatest when all three functions are managed by separate entities at separate server sites.
The invention delivers media keys to consumers or end users who wish to access encrypted media using a customer device consisting of a general-purpose computer (for example, a PC) or a special-purpose computing device (for example, a set-top box) with decryption capability. The encrypted media may consist of a stream or a file. Where the media is intended to be delivered to two or more recipients, whether simultaneously (multicast), individually per recipient (unicast) or by a file download mechanism, the encrypting entity performs the encryption using a media key generated for that purpose, and it is this media key that is delivered only to authorised end users. Where the media is encrypted using a public-key algorithm, the term "media key" as used in this context means the private key or decryption key needed to decrypt the media.
In the system described here, media keys are delivered to end users by an agent or entity called the "key server". Following the actual encryption of the media by the encrypting entity, the media key is securely transmitted or delivered to the key server. The encrypting entity transmits or delivers the encrypted media, by any conventional means, to a "media server" whose role is to deliver the media to end users by multicast streaming, unicast streaming or a file download mechanism. A content provider may use two or more media servers. To maximise the security of the media, it is important that the key server and the media server be managed by separate entities.
One example of a currently available means of delivering a media stream from a media server to end users is the RealServer and RealPlayer software produced by RealNetworks.
Referring to FIG. 1, in one embodiment of the proposed system for delivering media keys for "just in time" use, the end user makes a request 12 to a retailer 11 (that is, an Internet "store" or "shop") and obtains a "steering file" 1 for the media work the user has chosen, which is then downloaded 13 to the user. This file contains the information needed by the user's software, running on the customer device 10, to make two requests: one for the appropriate media key, and the other for the encrypted media the user has chosen. The latter function may be omitted in some business models, in which the user acquires the encrypted media independently of, and at a different time from, the media key. The retail store 11 will previously have downloaded or updated 16 a database 14 containing enough media information to build steering files for the content provider's entire catalogue of media. These media are sold to end users using any of a variety of conventional online or partly online payment methods.
One example of a suitable steering file format is the SMIL file, commonly used by RealPlayer to compose and synchronise multiple requests for media on remote servers. An example of a SMIL file used for this purpose is:
The steering file may also be produced as a Media Delivery Metafile (MDM), of which the following is an example:
This SMIL file first causes the user's software on the customer device (for example, RealPlayer) to send the key server 3 a request for the media key corresponding to the media to which the SMIL file relates. The information needed to make this request includes the location of the key server 3 and information that lets the key server determine which media key is being requested. The request process includes a means for the end user to send their public key 4 to the key server 3, and may also include sending other identification or authentication information to the key server. The media key is preferably encrypted using a public-key algorithm, which is facilitated by the user's public key 4 being provided to the key server.
Once the key server 3 has established, by means outside this system, that the end user is entitled to receive the requested key, it encrypts the media key with the end user's public key and sends the encrypted media key 5 to the end user. The end user's software (for example, a decryption "plug-in" for RealPlayer) preferably stores the encrypted media key in volatile memory 5 or, alternatively, may immediately decrypt the media key using the end user's private key 15 and store the clear media key in volatile memory. Keeping the media key resident in volatile memory (for example, RAM) is intended to be far more secure than storing it on a hard disk drive, and to prevent unauthorised repeat use when a pay-per-view business model is applied.
On receipt of the encrypted media key, the steering file 1 causes the user's software to request 7 the media server 8 to deliver the encrypted media. When the media is downloaded 9 and arrives (the first encrypted packet in the case of streaming, or the whole encrypted file in the case of download delivery), the media key is retrieved from volatile memory 5, asymmetrically decrypted as described above if it was stored in encrypted form, and used to decrypt the media so that it can be viewed, listened to or otherwise used.
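The first embodiment's flow (encrypting entity, retailer, key server, media server, customer device) is sketched below as an added example; it is not code from the patent. It assumes RSA-OAEP for wrapping the media key and AES-256-GCM for the media (the description names no algorithms), models the servers as in-process structs, and uses hypothetical type, field and host names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SteeringFile says where to ask for the key and the media; Ticket is the
// entitlement. All type, field and host names here are assumptions.
type SteeringFile struct{ KeyServer, MediaServer, MediaID, Ticket string }

// KeyServer holds media keys and unspent tickets, never the media.
type KeyServer struct {
	keys    map[string][]byte // media ID -> media key
	tickets map[string]string // ticket -> media ID it entitles
}

// MediaServer holds ciphertext only, never a media key.
type MediaServer struct{ blobs map[string][]byte }

func NewServers() (*KeyServer, *MediaServer) {
	ks := &KeyServer{keys: map[string][]byte{}, tickets: map[string]string{}}
	return ks, &MediaServer{blobs: map[string][]byte{}}
}

func NewUserKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Publish is the encrypting entity: fresh key per work, split across servers.
func Publish(ks *KeyServer, ms *MediaServer, id string, work []byte) error {
	buf := make([]byte, 32+12) // 256-bit media key, then a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return err
	}
	key, nonce := buf[:32], buf[32:]
	aead, err := gcm(key)
	if err != nil {
		return err
	}
	ms.blobs[id] = aead.Seal(nonce, nonce, work, []byte(id)) // nonce || ciphertext
	ks.keys[id] = key
	return nil
}

// Sell is the retailer: it holds neither media nor keys, only hands out tickets.
func Sell(ks *KeyServer, id, ticket string) SteeringFile {
	ks.tickets[ticket] = id
	return SteeringFile{"keys.example", "media.example", id, ticket}
}

// Issue checks entitlement, spends the ticket, wraps the key for one user.
func (ks *KeyServer) Issue(sf SteeringFile, pub *rsa.PublicKey) ([]byte, error) {
	key, known := ks.keys[sf.MediaID]
	if id, ok := ks.tickets[sf.Ticket]; !ok || !known || id != sf.MediaID {
		return nil, errors.New("not entitled")
	}
	delete(ks.tickets, sf.Ticket) // single use: a pay-per-view ticket cannot be replayed
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, []byte(sf.MediaID))
}

// Unwrap is the customer device: key recovered in memory only, then media decrypted.
func Unwrap(sf SteeringFile, wrapped []byte, priv *rsa.PrivateKey, ms *MediaServer) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, []byte(sf.MediaID))
	if err != nil {
		return nil, err
	}
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	blob, n := ms.blobs[sf.MediaID], aead.NonceSize()
	if len(blob) < n {
		return nil, errors.New("no such media")
	}
	return aead.Open(nil, blob[:n], blob[n:], []byte(sf.MediaID))
}

func main() {
	ks, ms := NewServers()
	_ = Publish(ks, ms, "film-001", []byte("constructed sample media"))
	user, _ := NewUserKey()
	sf := Sell(ks, "film-001", "ticket-A")
	wrapped, _ := ks.Issue(sf, &user.PublicKey)
	out, err := Unwrap(sf, wrapped, user, ms)
	fmt.Printf("play: %q err=%v\n", out, err)
	_, err = ks.Issue(sf, &user.PublicKey)
	fmt.Println("replay:", err)
}
```

A compromise of the media server alone yields only ciphertext, and a wrapped key intercepted in transit is useless without the private key of the user it was issued to.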
In the embodiment just described, the retail store 11 builds a steering file containing the steering information in response to the user's request. This steering file includes entitlement information (for example, a unique electronic "ticket") obtained in advance from the key server manager. In other embodiments, however, the retail store cannot maintain a stock of such steering information, and so obtains the information directly from the key server 3 each time it receives a request 2 from a user. The key server 3 may deliver the steering information to the retail store 11 for download to the user or, alternatively, may download the steering information directly to the user's customer device 10. Verification is carried out by the retail store 11 and the key server 3, which verify payment and entitlement respectively.
In a third embodiment, an efficiency gain is achieved by modifying the second embodiment so that the user receives a file containing steering information for the media server 8 but, instead of steering information for the key server 3, actually receives the encrypted key in that file. The file may be downloaded directly by the key server 3, or downloaded via the retail store 11 and forwarded to the user. In this scenario the steering file need only contain the location of the media server and the identifier of the encrypted media chosen by the user. As in the first embodiment, the user's software cannot play the encrypted media unless it holds the key that is associated with that media and allows it to be decrypted.
The advantages of the system described are that:
(a) only authorised recipients can access the media key;
(b) the business and functional responsibility for managing keys is separated from the responsibility for managing the encrypted media;
(c) the media key is delivered to the end user "just in time" for its use in decrypting the media;
(d) the media key is never transmitted or stored anywhere other than the trusted key server unless it is encrypted with the authorised user's public key; and
(e) the steps the end user has to perform are so simple that users of the system need no special knowledge of, or skill in, security or encryption techniques.
Claims (4)
A method for securely distributing digital audio-visual works (media) to consumers via a data network, characterized in that:
an encryption entity encrypts the media using a media key, forwards the encrypted media to a media server, and forwards the media key to a key server, the media server and the key server being managed by separate entities;
steering files are formed at one or more servers, each steering file corresponding to a respective media and its corresponding media key and including information identifying the locations of the media and the media key; the steering file is made available at one or more retail servers and, when processed by a customer device, makes a request to the key server for the media key for the media identified in the steering file and requests the media server to supply the encrypted media identified in the steering file;
at one retail server, a request from an end user for the steering file for the media is received and the steering file is downloaded to the customer device, the steering file including information for the user's software on the customer device that requests the media key and the encrypted media;
at the key server, the request for the media key is received, the steering file causing the user's software on the customer device to send the request;
if the key server determines by external means that the end user is entitled to receive the requested media key, it encrypts the media key and downloads the media key to the end user;
at the media server, the request to deliver the encrypted media is received and the media is downloaded to the customer device, the steering file acting on the user software on the customer device to request delivery of the encrypted media;
at the customer device, the media key is decrypted, and the encrypted media is decrypted using the decrypted media key and listened to.
A method for securely distributing digitized works to consumers over a data network, comprising the steps of:
encrypting the work using a media key;
storing the encrypted work on a first server;
storing the encryption key on a second server;
configuring, on one or more servers, a steering file corresponding to each work and its corresponding key, the steering file including information identifying the locations of the work and the encrypted key;
on a third server, making each work available for purchase by consumers by means of its corresponding steering file;
the steering file being accessible to the consumer and, when executed on a network-connected customer device, causing the customer device to request from the second server the encryption key for the work identified in the steering file;
at the second server, encrypting the associated encryption key with a key unique to the consumer and downloading it to the customer device;
decrypting the encryption key at the customer device and storing it in memory;
requesting, from the customer device to the first server, delivery of the work identified in the steering file;
downloading the encrypted work from the first server to the customer device;
retrieving the encryption key from the memory, and decrypting the work using the encryption key and listening to it.
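The flow set out in the third embodiment and in the claims above, as an added Python example that is not part of the patent: the media server holds only ciphertext, the key server releases a media key only wrapped for an entitled consumer, and the steering file either points at both servers or carries the wrapped key itself. Assumptions: the HMAC-SHA256 keystream with encrypt-then-MAC is a standard-library stand-in for a real cipher, the consumer-unique key is symmetric here rather than a public key, and the host names, identifiers and media bytes are constructed.

```python
import hashlib
import hmac
import json
import secrets

# Stand-in authenticated cipher built from HMAC-SHA256 so the example runs on the
# standard library alone. Assumption: a real deployment would use a vetted AEAD
# for the media and public-key encryption for wrapping the media key.
def _keystream(key, nonce, length):
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = b"stream" + nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def _tag(key, context, nonce, body):
    msg = b"tag" + len(context).to_bytes(2, "big") + context + nonce + body
    return hmac.new(key, msg, hashlib.sha256).digest()

def seal(key, plaintext, context):
    """Encrypt then MAC; `context` binds the blob to a media id or consumer."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + body + _tag(key, context, nonce, body)

def unseal(key, blob, context):
    """Verify the tag before decrypting; raise ValueError on any mismatch."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, context, nonce, body)):
        raise ValueError("authentication failed")
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

class MediaServer:
    """Stores encrypted media only; it never receives a media key."""
    def __init__(self):
        self.store = {}

class KeyServer:
    """Stores media keys; releases one only wrapped for an entitled consumer."""
    def __init__(self):
        self.media_keys = {}
        self.consumer_keys = {}   # consumer-unique keys (symmetric in this sketch)
        self.entitled = set()     # stands in for the "external means" check

    def wrapped_key(self, consumer_id, media_id):
        if (consumer_id, media_id) not in self.entitled:
            raise PermissionError("consumer is not entitled to this media key")
        context = f"{consumer_id}|{media_id}".encode()
        return seal(self.consumer_keys[consumer_id], self.media_keys[media_id], context)

def publish(media_id, media, media_server, key_server):
    """Encrypting entity: ciphertext goes to one server, the key to the other."""
    media_key = secrets.token_bytes(32)
    media_server.store[media_id] = seal(media_key, media, media_id.encode())
    key_server.media_keys[media_id] = media_key

def steering_file(media_id, wrapped_key=None):
    """With no wrapped_key the file points at both servers; with one (third
    embodiment) the wrapped key replaces the key-server location."""
    doc = {"media_id": media_id, "media_server": "media.example"}
    if wrapped_key is None:
        doc["key_server"] = "keys.example"
    else:
        doc["wrapped_key"] = wrapped_key.hex()
    return json.dumps(doc)

def play(steering, consumer_id, consumer_key, media_server, key_server):
    """Customer device: follow the steering file, unwrap the key, decrypt."""
    doc = json.loads(steering)
    media_id = doc["media_id"]
    if "wrapped_key" in doc:
        wrapped = bytes.fromhex(doc["wrapped_key"])
    else:
        wrapped = key_server.wrapped_key(consumer_id, media_id)
    context = f"{consumer_id}|{media_id}".encode()
    media_key = unseal(consumer_key, wrapped, context)
    return unseal(media_key, media_server.store[media_id], media_id.encode())

def demo():
    """Run both variants for an entitled consumer; return state for inspection."""
    media_server, key_server = MediaServer(), KeyServer()
    publish("track-42", b"constructed sample audio bytes", media_server, key_server)
    alice_key, bob_key = secrets.token_bytes(32), secrets.token_bytes(32)
    key_server.consumer_keys.update(alice=alice_key, bob=bob_key)
    key_server.entitled.add(("alice", "track-42"))   # only alice has bought it
    direct = play(steering_file("track-42"), "alice", alice_key, media_server, key_server)
    embedded = steering_file("track-42", key_server.wrapped_key("alice", "track-42"))
    offline = play(embedded, "alice", alice_key, media_server, None)
    return media_server, key_server, bob_key, embedded, direct, offline
```

A consumer without an entitlement gets `PermissionError` from the key server, and a steering file carrying another consumer's wrapped key fails authentication in `unseal` with `ValueError`.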
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US26984501P | 2001-02-21 | 2001-02-21 | |
US60/269,845 | 2001-02-21 | ||
PCT/NZ2002/000018 WO2002067548A1 (en) | 2001-02-21 | 2002-02-19 | Encrypted media key management |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2008187229A Division JP2008252956A (en) | 2001-02-21 | 2008-07-18 | Encrypted media key management |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2004529534A JP2004529534A (en) | 2004-09-24 |
JP4750348B2 true JP4750348B2 (en) | 2011-08-17 |
Family
ID=23028885
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2002566946A Expired - Lifetime JP4750348B2 (en) | 2001-02-21 | 2002-02-19 | Managing keys for encrypted media |
JP2008187229A Pending JP2008252956A (en) | 2001-02-21 | 2008-07-18 | Encrypted media key management |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2008187229A Pending JP2008252956A (en) | 2001-02-21 | 2008-07-18 | Encrypted media key management |
Country Status (6)
Country | Link |
---|---|
US (1) | US7076067B2 (en) |
EP (1) | EP1371170B1 (en) |
JP (2) | JP4750348B2 (en) |
AT (1) | ATE324721T1 (en) |
DE (2) | DE60228509D1 (en) |
WO (1) | WO2002067548A1 (en) |
Date | Country | Application | Publication | State | Status |
---|---|---|---|---|---|
2001-07-10 | US | US09/901,473 | US7076067B2 | not active | Expired - Fee Related |
2002-02-19 | DE | DE60228509T | DE60228509D1 | not active | Expired - Lifetime |
2002-02-19 | WO | PCT/NZ2002/000018 | WO2002067548A1 | active | IP Right Grant |
2002-02-19 | DE | DE60210938T | DE60210938T2 | not active | Expired - Lifetime |
2002-02-19 | JP | JP2002566946A | JP4750348B2 | not active | Expired - Lifetime |
2002-02-19 | AT | AT02701824T | ATE324721T1 | not active | IP Right Cessation |
2002-02-19 | EP | EP02701824A | EP1371170B1 | not active | Expired - Lifetime |
2008-07-18 | JP | JP2008187229A | JP2008252956A | active | Pending |
Also Published As
Publication number | Publication date |
---|---|
US20020162104A1 (en) | 2002-10-31 |
DE60228509D1 (en) | 2008-10-02 |
DE60210938D1 (en) | 2006-06-01 |
EP1371170B1 (en) | 2006-04-26 |
EP1371170A4 (en) | 2004-06-16 |
DE60210938T2 (en) | 2006-11-16 |
ATE324721T1 (en) | 2006-05-15 |
JP2008252956A (en) | 2008-10-16 |
EP1371170A1 (en) | 2003-12-17 |
US7076067B2 (en) | 2006-07-11 |
JP2004529534A (en) | 2004-09-24 |
WO2002067548A1 (en) | 2002-08-29 |
Legal Events
Code | Title | Description |
---|---|---|
A621 | Written request for application examination | Free format text: JAPANESE INTERMEDIATE CODE: A621; Effective date: 20050216 |
A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131; Effective date: 20070807 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20071107 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20071114 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20071207 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20071214 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20080107 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20080115 |
A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20080207 |
A02 | Decision of refusal | Free format text: JAPANESE INTERMEDIATE CODE: A02; Effective date: 20080321 |
A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20080718 |
A911 | Transfer to examiner for re-examination before appeal (zenchi) | Free format text: JAPANESE INTERMEDIATE CODE: A911; Effective date: 20081002 |
A912 | Re-examination (zenchi) completed and case transferred to appeal board | Free format text: JAPANESE INTERMEDIATE CODE: A912; Effective date: 20081226 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20100720 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20100723 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20100820 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20100826 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20110126 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20110131 |
A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20110228 |
A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20110304 |
A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20110328 |
A61 | First payment of annual fees (during grant procedure) | Free format text: JAPANESE INTERMEDIATE CODE: A61; Effective date: 20110519 |
R150 | Certificate of patent or registration of utility model | Free format text: JAPANESE INTERMEDIATE CODE: R150; Ref document number: 4750348; Country of ref document: JP |
FPAY | Renewal fee payment (event date is renewal date of database) | Free format text: PAYMENT UNTIL: 20140527; Year of fee payment: 3 |
S111 | Request for change of ownership or part of ownership | Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
S531 | Written request for registration of change of domicile | Free format text: JAPANESE INTERMEDIATE CODE: R313531 |
|
R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
S111 | Request for change of ownership or part of ownership |
Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
|
R371 | Transfer withdrawn |
Free format text: JAPANESE INTERMEDIATE CODE: R371 |
|
S111 | Request for change of ownership or part of ownership |
Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
|
R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
S111 | Request for change of ownership or part of ownership |
Free format text: JAPANESE INTERMEDIATE CODE: R313113 |
|
S531 | Written request for registration of change of domicile |
Free format text: JAPANESE INTERMEDIATE CODE: R313531 |
|
R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
EXPY | Cancellation because of completion of term |